
How do I block port 25 (SMTP) to all LAN clients except my two mail servers? (CBL blocklist)

sot010174 asked on
Linux Security, Email Protocols
Hello everyone!

Simple question, but I couldn't find exactly what I needed on the KB:
The LAN has over 70 cpus in a workgroup environment. To make things worse, we don't have any corporate antivirus solution, we just install regular AVs on each machine and hope for the best. Anyway, my question is:

To keep mass-mailing viruses at bay, and trying not to get ourselves listed at CBL, I would like to block SMTP traffic from getting out of the network, with the exception of the mail servers of course. Providing internet access, we have a SUSE/Squid/iptables server.

I would like to know what I have to add to the iptables configuration file to allow SMTP access only to two (or more) IP addresses and block all the rest (LAN only).

2 MTAs (10.0.0.2 and 10.0.0.3)
LAN (10.0.0.50-255 MASK 255.240.0.0)
Linux (10.0.0.5 squid iptables - not transparent)

Tyvm!
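
One way to express the policy asked for above, as an added example that is not part of the original post or of the accepted answer. It assumes the Linux box routes LAN traffic, so client SMTP crosses the FORWARD chain; the chain name `SMTP_EGRESS`, the log prefix and the rate limit are hypothetical choices.

```shell
#!/bin/sh
# Added example. Dry-run by default: prints the iptables commands for review.
# To apply them, run as root with IPT=iptables.
IPT="${IPT:-echo iptables}"
LAN_NET="10.0.0.0/12"   # LAN from the question (mask 255.240.0.0)
CHAIN="SMTP_EGRESS"     # hypothetical chain name

# Return 0 only if $1 is a dotted-quad IPv4 address.
is_ipv4() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|*[!0-9]*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# Emit (or apply) rules so that only the listed MTAs may open outbound tcp/25.
smtp_egress_rules() {
    [ $# -gt 0 ] || { echo "no MTA addresses given" >&2; return 1; }
    for mta in "$@"; do
        is_ipv4 "$mta" || { echo "bad MTA address: $mta" >&2; return 1; }
    done
    $IPT -N "$CHAIN"
    # Insert at the top of FORWARD so an earlier LAN-wide ACCEPT cannot win.
    $IPT -I FORWARD 1 -s "$LAN_NET" -p tcp --dport 25 -j "$CHAIN"
    for mta in "$@"; do
        $IPT -A "$CHAIN" -s "$mta" -j ACCEPT
    done
    # Log what gets blocked: the SRC= field identifies the sending workstation.
    $IPT -A "$CHAIN" -m limit --limit 6/min -j LOG --log-prefix "SMTP-BLOCKED:"
    # Reject instead of drop so mail clients fail fast rather than hang.
    $IPT -A "$CHAIN" -p tcp -j REJECT --reject-with tcp-reset
}

smtp_egress_rules 10.0.0.2 10.0.0.3
```

Because clients also reach the internet through Squid, keep the stock `http_access deny CONNECT !SSL_ports` line in `squid.conf` so the proxy does not become a second path to port 25.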
ASKER CERTIFIED SOLUTION
Blaz
